Talking about design & implementation of solutions using modern OSS frameworks, tools, open standards and cutting-edge technology

Wednesday, October 5, 2011

The apt keys, importing keys in batch mode

Why?
Sometimes a fresh Ubuntu or Debian install is mandatory or commanded, but we forget to export all GPG apt keys before the wipe. Once we made the installation we start to add our previously sources lists entries (hope you don't forget to save them first). In my case I use several entries many referencing some useful PPAs on Launchpad, this an excerpt:

When we run then apt-get update in our fresh install we end with this annoying warning message:

W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: ... Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>

W: Failed to fetch ...

W: Some index files failed to download, they have been ignored, or old ones used instead.

To avoid these warnings you shall to explicit import the public keys (40976EAF437D05B5) via Synaptic Package Manager or apt-key command.

How?
In my case, I keep a file (~/Sandbox/aptkeys/aptkeys) with a list of keys on my profile, one per line. Then, when a /etc/apt/sources.list archive get modified and the command apt-get update emits this kind of warning message, I append this key (40976EAF437D05B5) to the end of the file ~/Sandbox/aptkeys/aptkeys using a text editor or cat command. Here is an excerpt of my aptkeys file: